I have a server that was setup by an admin who is no longer around which leaves the rest of us normal users stumbling in the dark. The machine uses CentOS 7, and the admin seems to have made security primarily go through iptables (though I understand that firewalld would normally be the default). I was attempting to add a rule to iptables which ended up backfiring on me in a fantastic way. I was following a walk through for CentOS 6, and here is where things blew up:
Code: Select all
# service iptables stop
# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
# service iptables save
# service iptables restart
Before inputting these commands, I verified that iptables -L and /etc/sysconfig/iptables had the same rules (The admin had apparently done something that causes a discrepancy between the two when the machine first boots, so I usually need to reset some services before the machine is functional). My expectation was that the iptables command would ADD one new rule to the pre-existing set of rules and then save that. What ACTUALLY happened was that this command deleted ALL the other rules and saved just this single rule. I have the output of iptables -L saved from just before running that command. It's mostly default rules with the exception of opening a few ports (ssh, http, https, and msgsrvr) plus a rule for fail2ban. However, now I have no idea what went wrong and how I'm supposed to actually ADD rules instead of replacing them.